{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T21:43:28.117","vulnerabilities":[{"cve":{"id":"CVE-2023-5841","sourceIdentifier":"cve@takeonme.org","published":"2024-02-01T19:15:08.097","lastModified":"2025-11-04T17:15:43.233","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions v3.2.2 and v3.1.12 of the affected library."},{"lang":"es","value":"Debido a un fallo en la validación del número de muestras de líneas de escaneo de un archivo OpenEXR que contiene datos de líneas de escaneo profundas, la librería de análisis de imágenes Academy Software Foundation OpenEX versión 3.2.1 y anteriores es susceptible a una vulnerabilidad de desbordamiento de búfer en la región Heap de la memoria."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}]},"weaknesses":[{"source":"cve@takeonme.org","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openexr:openexr:*:*:*:*:*:*:*:*","versionEndIncluding":"3.2.1","matchCriteriaId":"95B42B05-2815-4CB0-99A1-B19F587AA13C"}]}]}],"references":[{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LSB6DB5LAKGPLRXEF5HDNGUMT7GIFT2C/","source":"cve@takeonme.org"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWMINVKQLSUHECXBSQMZFCSDRIHFOJJI/","source":"cve@takeonme.org"},{"url":"https://takeonme.org/cves/CVE-2023-5841.html","source":"cve@takeonme.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://seclists.org/fulldisclosure/2024/Sep/32","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://seclists.org/fulldisclosure/2024/Sep/34","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://seclists.org/fulldisclosure/2024/Sep/36","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LSB6DB5LAKGPLRXEF5HDNGUMT7GIFT2C/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWMINVKQLSUHECXBSQMZFCSDRIHFOJJI/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://takeonme.org/cves/CVE-2023-5841.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}